eTranslation Services is HIPAA-Compliant
As a language services provider for medical facilities and institutions, eTranslation Services is their business associate. As such, eTranslation Services complies with the regulations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), which requires all hospitals, clinics, nursing homes, care facilities, hospices, and other healthcare institutions to comply with the mandate to protect the privacy and personal information of all patients.
Aside from the healthcare facilities, HIPAA also requires their business associates, such as lawyers, insurance companies, medical billing services, and language services providers to be HIPAA-compliant as well.
This means we have to ensure that the security and confidentiality of Protected Health Information (PHI) included in the medical translations we do.
eTranslation Services complies with the HIPAA regulations, and we enforce them in our company in the following manner:
- eTranslation Services will use protected health information (PHI) solely for translation or transcription purposes, as specified in the business associate contract we have with covered entities.
- As required by law, eTranslation Services will not use or disclose the PHI included in the translation projects we accept.
- eTranslation Services ensures clients that we will use all applicable safeguards to prevent unauthorized use or disclosure of protected health information, by accident, or with reasonable cause.
- We have installed the essential administrative, technical, and physical safeguards to ensure the integrity, confidentiality, and privacy of all electronic PHI transmitted to us.
- eTranslation Services has the necessary procedures to implement corrective action if there is any accidental or reasonable cause of violating the privacy requirement of HIPAA.
- According to our client agreement, eTranslation Services will immediately report any occurrence of PHI disclosure to clients, as soon as it comes to our knowledge.
- Following 45 CFR 164.528, eTranslation Services agrees to make all internal records and practices, including procedures and policies concerning PHI use and disclosure, available to clients within seven days after receipt of the request.
Administrative Safeguards – 45 CFR § 164.308
eTranslation Services has enforced administrative safeguards by appropriately assigning limited access permissions to electronic protected health information. We see to it that all our staff members receive information security awareness training. We also make sure that we have prepared the contracts between eTranslation Services and the covered entities we serve.
Physical Safeguards – 45 CFR § 164.310
eTranslation Services ensure that our physical office and data centers are secure. Entry to our offices is controlled by card access to prevent unauthorized entries day and night. We see to it that we have the appropriate safeguards to protect our office locations from theft, flood, fire, and other preventable or foreseeable disasters.
Technical Safeguards – 45 CFR § 164.312
eTranslation Services ensure the integrity and security of our software, hardware, and data storage device to safeguard electronic protected health information. We use Secure Socket Layer (SSL) technology to protect PHI sent over the internet. We implement policies and procedures, such as encryption, entity authentication, automatic logoff, and emergency access procedures.